site-ma.babes.com Open in urlscan Pro
66.254.114.234 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://site-ma.babes.com/
Submission: On June 06 via manual (June 6th 2023, 6:57:28 am UTC) from IL — Scanned from DE

Summary HTTP 48 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 11 domains to perform 48 HTTP transactions. The main IP is 66.254.114.234, located in United States and belongs to REFLECTED, US. The main domain is site-ma.babes.com.
TLS certificate: Issued by R3 on May 9th 2023. Valid for: 3 months.

This is the only time site-ma.babes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	66.254.114.234 66.254.114.234	29789 (REFLECTED) (REFLECTED)
13	66.254.122.19 66.254.122.19	29789 (REFLECTED) (REFLECTED)
4	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
3	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	76.223.31.44 76.223.31.44	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	66.254.114.38 66.254.114.38	29789 (REFLECTED) (REFLECTED)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	205.185.208.85 205.185.208.85	20446 (STACKPATH...) (STACKPATH-CDN)
1	66.254.122.21 66.254.122.21	29789 (REFLECTED) (REFLECTED)
1	209.197.3.25 209.197.3.25	20446 (STACKPATH...) (STACKPATH-CDN)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	54.160.170.29 54.160.170.29	14618 (AMAZON-AES) (AMAZON-AES)
48	17

1 66.254.114.234 (United States)

ASN29789 (REFLECTED, US)
PTR: reflectededge.reflected.net

site-ma.babes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 66.254.122.19 (United States)

ASN29789 (REFLECTED, US)

static2-ma-ht.project1content.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imageservice-assets-ht.project1content.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.31.44 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.254.114.38 (United States)

ASN29789 (REFLECTED, US)
PTR: reflectededge.reflected.net

ads.trafficjunky.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.208.85 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: vip085.ssl.hwcdn.net

hw-cdn2.trafficjunky.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.254.122.21 (United States)

ASN29789 (REFLECTED, US)

ht-cdn2.trafficjunky.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.25 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x019.map2.ssl.hwcdn.net

hw-cdn2.adtng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.160.170.29 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-170-29.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	project1content.com static2-ma-ht.project1content.com — Cisco Umbrella Rank: 87233 imageservice-assets-ht.project1content.com — Cisco Umbrella Rank: 119259	1 MB
9	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 1296 clientstream.launchdarkly.com — Cisco Umbrella Rank: 1180 events.launchdarkly.com — Cisco Umbrella Rank: 981	1 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	406 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 1866	21 KB
4	trafficjunky.net ads.trafficjunky.net — Cisco Umbrella Rank: 11851 hw-cdn2.trafficjunky.net — Cisco Umbrella Rank: 59277 ht-cdn2.trafficjunky.net — Cisco Umbrella Rank: 73808	448 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3	48 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 111	414 B
1	adtng.com hw-cdn2.adtng.com — Cisco Umbrella Rank: 10958	17 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	83 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66	723 B
1	babes.com site-ma.babes.com	37 KB
48	11

	Domain	Requested by
11	static2-ma-ht.project1content.com	site-ma.babes.com static2-ma-ht.project1content.com
4	events.launchdarkly.com	static2-ma-ht.project1content.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	static2-ma-ht.project1content.com www.gstatic.com www.google.com
4	app.launchdarkly.com	static2-ma-ht.project1content.com
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	www.google-analytics.com	static2-ma-ht.project1content.com site-ma.babes.com
2	region1.google-analytics.com	www.googletagmanager.com
2	ads.trafficjunky.net	static2-ma-ht.project1content.com ads.trafficjunky.net
2	imageservice-assets-ht.project1content.com	site-ma.babes.com
2	stats.g.doubleclick.net	www.google-analytics.com
1	hw-cdn2.adtng.com	ads.trafficjunky.net
1	ht-cdn2.trafficjunky.net	ads.trafficjunky.net
1	hw-cdn2.trafficjunky.net	ads.trafficjunky.net
1	clientstream.launchdarkly.com	site-ma.babes.com
1	www.googletagmanager.com	static2-ma-ht.project1content.com
1	fonts.googleapis.com	static2-ma-ht.project1content.com
1	site-ma.babes.com
48	18

This site contains links to these domains. Also see Links.

Domain
support.babes.com
www.babes.com
secure.vend-o.com

Subject Issuer	Validity	Valid
babes.com R3	`2023-05-09` - `2023-08-07`	3 months	crt.sh
*.project1content.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-05` - `2024-02-05`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
clientstream.launchdarkly.com Amazon RSA 2048 M02	`2023-02-10` - `2023-10-07`	8 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.trafficjunky.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-21` - `2023-11-21`	a year	crt.sh
*.adtng.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-15` - `2023-08-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
events.launchdarkly.com Amazon RSA 2048 M01	`2023-02-28` - `2023-09-16`	7 months	crt.sh

This page contains 3 frames:

Primary Page: https://site-ma.babes.com/
Frame ID: C3A5EAE303D583E87341620CD1F82424
Requests: 31 HTTP requests in this frame

Frame: https://ads.trafficjunky.net/ad7/get/10012615
Frame ID: D9AEA740BD8338361EEEE4C58D864E53
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ldh5TweAAAAAOV8pEwBGf2QYfVfJ3wHSUnl1QVV&co=aHR0cHM6Ly9zaXRlLW1hLmJhYmVzLmNvbTo0NDM.&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&size=invisible&cb=9osdgk16mz2a
Frame ID: A67B41D53D299B78EFBA0CFAA8AFCB02
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BabesBack To Top

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

48
Requests

100 %
HTTPS

47 %
IPv6

11
Domains

18
Subdomains

17
IPs

3
Countries

2214 kB
Transfer

4916 kB
Size

10
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://support.babes.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://www.babes.com/legal/privacy
Title: PRIVACY POLICY

Search URL Search Domain Scan URL

URL: https://www.babes.com/legal/tos
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.babes.com/legal/2257
Title: here

Search URL Search Domain Scan URL

URL: https://secure.vend-o.com/customers/profile/login/
Title: Authorised Payment Processor Vendo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
site-ma.babes.com/ 391 KB
37 KB 312ms
241ms Document
text/html 66.254.114.234
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL

https://site-ma.babes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.254.114.234 , United States, ASN29789 (REFLECTED, US),

Reverse DNS

reflectededge.reflected.net

Software

openresty / Juan

Resource Hash

f39b02161661fc2362d2aeb3c914bab6ee8bd5ad3fe040da59479a6dbcb0cb58

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 06 Jun 2023 06:57:20 GMT
etag: W/"61dcd-xJdmzxNcGV2PzAn2QTYxktCL7xc"
server: openresty
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: Juan
x-trace: 2B610AEB027CBF42EB27BDEF3B4013737897B442BBCD3119933D3A6F7C00
x-xss-protection: 1; mode=block
x_ats_instance_id: 83221
x_ats_instance_type: ma
x_ats_page_id: 1060511
x_ats_page_type: HOME

GET
H2 200 runtime.3861c054.js Show response
static2-ma-ht.project1content.com/ma/ 10 KB
4 KB 1016ms
98ms Script
application/javascript 66.254.122.19
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://static2-ma-ht.project1content.com/ma/runtime.3861c054.js
Requested by: Host: site-ma.babes.com
URL: https://site-ma.babes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 3e714897d02a9fea0e35acd23da1bb330469eee1efd5da2d8d0348f7fedb6e8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:21 GMT
content-encoding: gzip
last-modified: Mon, 05 Jun 2023 14:44:35 GMT
etag: W/"37a34ef07-290b-5fd62f0f89ac0"
vary: Accept-Encoding
access-control-max-age: 600
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control: max-age=10475463
x-cdn-diag: fra1-11014-3-13996-h-0-0---;11015-46-32478----0-0-1
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
expires: Thu, 05 Oct 2023 01:58:55 GMT

GET
H2 200 vendors~main.d0976050.js Show response
static2-ma-ht.project1content.com/ma/ 2 MB
919 KB 1024ms
106ms Script
application/javascript 66.254.122.19
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://static2-ma-ht.project1content.com/ma/vendors~main.d0976050.js
Requested by: Host: site-ma.babes.com
URL: https://site-ma.babes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: ae30247a717b8c8394b04f1dfa63074071cf8d349084d9ca8e684f317d174ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:21 GMT
content-encoding: gzip
last-modified: Thu, 25 May 2023 19:45:40 GMT
etag: W/"37e841c96-20ddfd-5fc89dd798100"
vary: Accept-Encoding
access-control-max-age: 600
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control: max-age=10410968
x-cdn-diag: fra1-11028-2-36611-h-0-0---;11015-46-32478----0-0-0
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
expires: Thu, 28 Sep 2023 03:08:29 GMT

GET
H2 200 main.cf6c0f02.js Show response
static2-ma-ht.project1content.com/ma/ 606 KB
195 KB 1017ms
99ms Script
application/javascript 66.254.122.19
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://static2-ma-ht.project1content.com/ma/main.cf6c0f02.js
Requested by: Host: site-ma.babes.com
URL: https://site-ma.babes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: f1a9d44b13effa7be28e52314a1fba1eaf1dd4e4faf9ff33a6e4c98c2cf8091b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:21 GMT
content-encoding: gzip
last-modified: Mon, 05 Jun 2023 14:44:35 GMT
etag: W/"37a34ef06-977de-5fd62f0f89ac0"
vary: Accept-Encoding
access-control-max-age: 600
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control: max-age=10582271
x-cdn-diag: fra1-11015-2-32012-h-0-0---;11015-46-32478----0-0-0
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
expires: Fri, 06 Oct 2023 07:39:03 GMT

OPTIONS
H2 200 63bdba6ee6d64c12826b8bff
app.launchdarkly.com/sdk/goals/ Frame 0
0 41ms
8ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/63bdba6ee6d64c12826b8bff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://site-ma.babes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Tue, 06 Jun 2023 06:57:21 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 10
x-served-by: cache-fra-eddf8230055-FRA
x-timer: S1686034642.953430,VS0,VE0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 46ms
14ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/ma/vendors~main.d0976050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 06 Jun 2023 06:49:32 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 469
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 06 Jun 2023 08:49:32 GMT

GET
H2 200 ContainerBlock.84a488e9.js Show response
static2-ma-ht.project1content.com/ma/@one/blocks/async/ 232 B
763 B 46ms
46ms Script
application/javascript 66.254.122.19
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://static2-ma-ht.project1content.com/ma/@one/blocks/async/ContainerBlock.84a488e9.js
Requested by: Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/ma/runtime.3861c054.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 2dec7720b333c080eba609ed501d2e187ab5261144ef7bd877e13ddd52089487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:21 GMT
last-modified: Thu, 25 May 2023 19:45:40 GMT
etag: "37e841ca7-e8-5fc89dd798100"
vary: Accept-Encoding
access-control-max-age: 600
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control: max-age=10650286
x-cdn-diag: fra1-11014-3-13997-h-0-0---;11015-47-32478----0-0-1
accept-ranges: bytes
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
content-length: 232
expires: Sat, 30 Sep 2023 23:16:48 GMT

GET
H2 200 63bdba6ee6d64c12826b8bff Show response
app.launchdarkly.com/sdk/goals/ 2 B
180 B 9ms
8ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/63bdba6ee6d64c12826b8bff

Requested by

Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/ma/vendors~main.d0976050.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://site-ma.babes.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.29.2
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.24.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Tue, 06 Jun 2023 06:57:21 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-fra-eddf8230055-FRA
x-timer: S1686034642.963762,VS0,VE0
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 103

GET
H2 200 eyJrZXkiOiJ1c2VyLWtleS1NQSIsIm5hbWUiOiJNQSBMYXVuY2hEYXJrbHkiLCJlbWFpbCI6Im1pbmRnZWVrQGV4YW1wbGUuY29tIiwiY3VzdG9tIjp7InJvb3RFbnYiOiJwcm9kIiwiaXNEZXYiOmZhbHNlLCJpc0ludGVybmFsVXNlciI6ZmFsc2V9fQ Show response
app.launchdarkly.com/sdk/evalx/63bdba6ee6d64c12826b8bff/users/ 575 B
564 B 9ms
8ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/63bdba6ee6d64c12826b8bff/users/eyJrZXkiOiJ1c2VyLWtleS1NQSIsIm5hbWUiOiJNQSBMYXVuY2hEYXJrbHkiLCJlbWFpbCI6Im1pbmRnZWVrQGV4YW1wbGUuY29tIiwiY3VzdG9tIjp7InJvb3RFbnYiOiJwcm9kIiwiaXNEZXYiOmZhbHNlLCJpc0ludGVybmFsVXNlciI6ZmFsc2V9fQ
Requested by: Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/ma/vendors~main.d0976050.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 99da467743dd0d89d9263e13c55548e7d614712246ea59db272fa2598be3cc30

Request headers

Referer: https://site-ma.babes.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.29.2
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.24.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:21 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: HIT
content-length: 191
x-served-by: cache-fra-etou8220050-FRA, cache-fra-eddf8230055-FRA
x-timer: S1686034642.963567,VS0,VE1
etag: "75dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 1

OPTIONS
H2 200 eyJrZXkiOiJ1c2VyLWtleS1NQSIsIm5hbWUiOiJNQSBMYXVuY2hEYXJrbHkiLCJlbWFpbCI6Im1pbmRnZWVrQGV4YW1wbGUuY29tIiwiY3VzdG9tIjp7InJvb3RFbnYiOiJwcm9kIiwiaXNEZXYiOmZhbHNlLCJpc0ludGVybmFsVXNlciI6ZmFsc2V9fQ
app.launchdarkly.com/sdk/evalx/63bdba6ee6d64c12826b8bff/users/ Frame 0
0 39ms
8ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/63bdba6ee6d64c12826b8bff/users/eyJrZXkiOiJ1c2VyLWtleS1NQSIsIm5hbWUiOiJNQSBMYXVuY2hEYXJrbHkiLCJlbWFpbCI6Im1pbmRnZWVrQGV4YW1wbGUuY29tIiwiY3VzdG9tIjp7InJvb3RFbnYiOiJwcm9kIiwiaXNEZXYiOmZhbHNlLCJpc0ludGVybmFsVXNlciI6ZmFsc2V9fQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://site-ma.babes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Tue, 06 Jun 2023 06:57:21 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 19
x-served-by: cache-fra-eddf8230055-FRA
x-timer: S1686034642.953449,VS0,VE0

GET
H2 200 css
fonts.googleapis.com/ 399 B
723 B 140ms
51ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid%20Sans

Requested by

Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/ma/vendors~main.d0976050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a223914b609aaa3c2d68053df6070902531718c71746e5b6d646b89b13d7f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Jun 2023 06:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 05:12:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Jun 2023 06:57:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
83 KB 150ms
63ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H5PVJLCV9F

Requested by

Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/ma/vendors~main.d0976050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23f9712b4148fa7a67dac8492c648cf824f758078578112644b4a72c9c2ebe51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84222
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Jun 2023 06:57:22 GMT

GET
H2 200 eyJrZXkiOiJ1c2VyLWtleS1NQSIsIm5hbWUiOiJNQSBMYXVuY2hEYXJrbHkiLCJlbWFpbCI6Im1pbmRnZWVrQGV4YW1wbGUuY29tIiwiY3VzdG9tIjp7InJvb3RFbnYiOiJwcm9kIiwiaXNEZXYiOmZhbHNlLCJpc0ludGVybmFsVXNlciI6ZmFsc2V9fQ
clientstream.launchdarkly.com/eval/63bdba6ee6d64c12826b8bff/ 592 B
0 113ms
39ms EventSource
text/event-stream 76.223.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/63bdba6ee6d64c12826b8bff/eyJrZXkiOiJ1c2VyLWtleS1NQSIsIm5hbWUiOiJNQSBMYXVuY2hEYXJrbHkiLCJlbWFpbCI6Im1pbmRnZWVrQGV4YW1wbGUuY29tIiwiY3VzdG9tIjp7InJvb3RFbnYiOiJwcm9kIiwiaXNEZXYiOmZhbHNlLCJpc0ludGVybmFsVXNlciI6ZmFsc2V9fQ

Requested by

Host: site-ma.babes.com
URL: https://site-ma.babes.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.31.44 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://site-ma.babes.com/login
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:22 GMT
strict-transport-security: max-age=31536000
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-content-length: 776
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

GET
H2 200 RowBlock.b89cd334.js Show response
static2-ma-ht.project1content.com/ma/@one/blocks/async/ 422 B
954 B 47ms
46ms Script
application/javascript 66.254.122.19
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://static2-ma-ht.project1content.com/ma/@one/blocks/async/RowBlock.b89cd334.js
Requested by: Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/ma/runtime.3861c054.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 734d03ff1a92716d042bfcfa7d9788d20c6de890499a930b38b6ac7ae88fbc63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:22 GMT
last-modified: Thu, 25 May 2023 19:45:40 GMT
etag: "37e841cbf-1a6-5fc89dd798100"
vary: Accept-Encoding
access-control-max-age: 600
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control: max-age=10547344
x-cdn-diag: fra1-11015-2-32003-h-0-0---;11015-47-32478----0-0-1
accept-ranges: bytes
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
content-length: 422
expires: Fri, 29 Sep 2023 17:01:26 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
347 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-117773996-1&cid=662296802.1686034642&jid=577531592&gjid=5630&_gid=288083810.1686034642&_u=YGDAiEABDAAAAEAAI~&z=799953691

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://site-ma.babes.com/login
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Jun 2023 06:57:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://site-ma.babes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 54ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-137266146-1&cid=662296802.1686034642&jid=1643186619&gjid=1927897601&_gid=288083810.1686034642&_u=YGDAiEABDAAAAEAAI~&z=1914319553

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://site-ma.babes.com/login
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Jun 2023 06:57:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://site-ma.babes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 16ms
14ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=1565645013&t=pageview&_s=1&dl=https%3A%2F%2Fsite-ma.babes.com%2Flogin&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Babes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABDAAAAAAAI~&jid=577531592&gjid=5630&cid=662296802.1686034642&tid=UA-117773996-1&_gid=288083810.1686034642&cd1=BABES%3APC%3AMA%3A83221%3ALOGIN&z=1053858116

Requested by

Host: site-ma.babes.com
URL: https://site-ma.babes.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 05:49:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4101
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 16ms
14ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=1565645013&t=pageview&_s=1&dl=https%3A%2F%2Fsite-ma.babes.com%2Flogin&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Babes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABDAAAAEAAI~&jid=1643186619&gjid=1927897601&cid=662296802.1686034642&tid=UA-137266146-1&_gid=288083810.1686034642&cd1=BABES%3APC%3AMA%3A83221%3ALOGIN&z=805564673

Requested by

Host: site-ma.babes.com
URL: https://site-ma.babes.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 05:49:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4101
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ColumnBlock.47e809c6.js Show response
static2-ma-ht.project1content.com/ma/@one/blocks/async/ 435 B
967 B 47ms
46ms Script
application/javascript 66.254.122.19
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://static2-ma-ht.project1content.com/ma/@one/blocks/async/ColumnBlock.47e809c6.js
Requested by: Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/ma/runtime.3861c054.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 4640eae520cdf45fc0ea3c1872487f69304283ff559962b58fe1493306697ee6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:22 GMT
last-modified: Thu, 25 May 2023 19:45:40 GMT
etag: "37e841ca6-1b3-5fc89dd798100"
vary: Accept-Encoding
access-control-max-age: 600
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control: max-age=10547344
x-cdn-diag: fra1-11015-1-31957-h-0-0---;11015-47-32478----0-0-1
accept-ranges: bytes
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
content-length: 435
expires: Fri, 29 Sep 2023 17:01:26 GMT

GET
H2 200 LoginBlock.c56e5670.js Show response
static2-ma-ht.project1content.com/ma/@one/blocks/async/ 10 KB
5 KB 46ms
46ms Script
application/javascript 66.254.122.19
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://static2-ma-ht.project1content.com/ma/@one/blocks/async/LoginBlock.c56e5670.js
Requested by: Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/ma/runtime.3861c054.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 94c1bf47a0b09ab816ed6674ee4aefe460f00f9c6faa9fcad4b66cc6a995658d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:22 GMT
content-encoding: gzip
last-modified: Thu, 25 May 2023 19:45:40 GMT
etag: W/"37bbeca76-2618-5fc89dd798100"
vary: Accept-Encoding
access-control-max-age: 600
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control: max-age=10778648
x-cdn-diag: fra1-11014-3-14007-h-0-0---;11015-47-32478----0-0-1
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
expires: Mon, 02 Oct 2023 09:16:31 GMT

GET
H2 200 TrustedPartnersBlock.dac7c6f9.js Show response
static2-ma-ht.project1content.com/ma/@one/blocks/async/ 2 KB
2 KB 48ms
47ms Script
application/javascript 66.254.122.19
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://static2-ma-ht.project1content.com/ma/@one/blocks/async/TrustedPartnersBlock.dac7c6f9.js
Requested by: Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/ma/runtime.3861c054.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 38a8a5e1b26f53b674cc9a19e88d428b65f1e990dbe9fcb63701373cf0e1479b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:22 GMT
content-encoding: gzip
last-modified: Thu, 25 May 2023 19:45:40 GMT
etag: W/"37bbeca95-891-5fc89dd798100"
vary: Accept-Encoding
access-control-max-age: 600
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control: max-age=10778648
x-cdn-diag: fra1-11015-2-32002-h-0-0---;11015-47-32478----0-0-1
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
expires: Mon, 02 Oct 2023 09:16:31 GMT

GET
H2 200 FooterBlock.18ce4469.js Show response
static2-ma-ht.project1content.com/ma/@one/blocks/async/ 3 KB
2 KB 49ms
48ms Script
application/javascript 66.254.122.19
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://static2-ma-ht.project1content.com/ma/@one/blocks/async/FooterBlock.18ce4469.js
Requested by: Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/ma/runtime.3861c054.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 579b0a01ed19e06e1a25c5beb643672ebe193dc5007de422a33ad387db253831

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:22 GMT
content-encoding: gzip
last-modified: Thu, 25 May 2023 19:45:40 GMT
etag: W/"37e841cb1-b5f-5fc89dd798100"
vary: Accept-Encoding
access-control-max-age: 600
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control: max-age=10650286
x-cdn-diag: fra1-11014-3-14007-h-0-0---;11015-47-32478----0-0-0
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
expires: Sat, 30 Sep 2023 23:16:48 GMT

GET
H2 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v18/ 21 KB
21 KB 123ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid%20Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://site-ma.babes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 02:37:06 GMT
x-content-type-options: nosniff
age: 361216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21224
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 02:37:06 GMT

GET
H2 200 601c5f9e268085.67718955.png
imageservice-assets-ht.project1content.com/m=gd/assets/Babes/Logos/ 7 KB
7 KB 1018ms
46ms Image
image/png 66.254.122.19
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageservice-assets-ht.project1content.com/m=gd/assets/Babes/Logos/601c5f9e268085.67718955.png
Requested by: Host: site-ma.babes.com
URL: https://site-ma.babes.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 9a46d9b02d82cc0fac11f1806556da3764c9de61532c485e843d4966365ebb9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:23 GMT
last-modified: Thu, 04 Feb 2021 20:57:02 GMT
etag: "372181409-224a-5ba88f200a380"
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=10716194
x-cdn-diag: fra1-11028-3-36652-h-0-0---;11015-47-32478----0-0-0
content-length: 6980
expires: Mon, 11 Sep 2023 15:04:11 GMT

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 974 B
937 B 127ms
48ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6Ldh5TweAAAAAOV8pEwBGf2QYfVfJ3wHSUnl1QVV

Requested by

Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/ma/vendors~main.d0976050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

37df3ffea9862dfd3a5a186619620b684120a330d55d39dc71db78425c9bc249

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 617
x-xss-protection: 1; mode=block
expires: Tue, 06 Jun 2023 06:57:22 GMT

GET
H2 200 10012615 Show response
ads.trafficjunky.net/ad7/get/ Frame D9AE 4 KB
2 KB 96ms
36ms Document
text/html 66.254.114.38
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.trafficjunky.net/ad7/get/10012615
Requested by: Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/ma/vendors~main.d0976050.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.254.114.38 , United States, ASN29789 (REFLECTED, US),
Reverse DNS: reflectededge.reflected.net
Software: openresty /
Resource Hash: 3eb51c561238ea2b55257bda87675bb5f181f4dbe2f6b791f30711d18efcc217

Request headers

Referer: https://site-ma.babes.com/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET
content-encoding: gzip
content-type: text/html
date: Tue, 06 Jun 2023 06:57:22 GMT
server: openresty

GET
H2 200 probiller.5f27a427.png
static2-ma-ht.project1content.com/ma/assets/ 8 KB
9 KB 47ms
47ms Image
image/png 66.254.122.19
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2-ma-ht.project1content.com/ma/assets/probiller.5f27a427.png
Requested by: Host: site-ma.babes.com
URL: https://site-ma.babes.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: ce087c55c6cfa777c2070304a44b3a756c57a31f124a9befcfe69af6bd103483

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:22 GMT
last-modified: Fri, 05 May 2023 14:57:00 GMT
etag: "37a0ecd73-2131-5faf3804bc700"
access-control-max-age: 600
access-control-allow-methods: HEAD, POST, GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control: max-age=10483519
x-cdn-diag: fra1-11014-3-14007-h-0-0---;11015-52-32478----0-0-0
accept-ranges: bytes
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
content-length: 8497
expires: Sat, 09 Sep 2023 20:13:40 GMT

GET
H2 200 rta.6e25c31d.jpg
static2-ma-ht.project1content.com/ma/assets/ 2 KB
3 KB 47ms
46ms Image
image/jpeg 66.254.122.19
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2-ma-ht.project1content.com/ma/assets/rta.6e25c31d.jpg
Requested by: Host: site-ma.babes.com
URL: https://site-ma.babes.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 38c3608f1c53b13cd5567fecc6957d3568be15148abe43819e32bad5aa5d18f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:22 GMT
last-modified: Fri, 05 May 2023 14:57:00 GMT
etag: "37a0ecd74-811-5faf3804bc700"
access-control-max-age: 600
access-control-allow-methods: HEAD, POST, GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
cache-control: max-age=10545876
x-cdn-diag: fra1-11015-1-31940-h-0-0---;11015-52-32478----0-0-0
accept-ranges: bytes
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
content-length: 2065
expires: Sat, 09 Sep 2023 11:29:18 GMT

GET
H2 200 61f8066f8dfa78.52827888.webp
imageservice-assets-ht.project1content.com/m=bZi-b/assets/CorpFooter/01-31-2022/ 3 KB
3 KB 988ms
46ms Image
image/webp 66.254.122.19
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageservice-assets-ht.project1content.com/m=bZi-b/assets/CorpFooter/01-31-2022/61f8066f8dfa78.52827888.webp
Requested by: Host: site-ma.babes.com
URL: https://site-ma.babes.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 74ca8b4abf60eaa04de4c82c6b70e480c352e3df84d6eba046d1044ab3cf5d1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:23 GMT
last-modified: Mon, 31 Jan 2022 15:55:27 GMT
etag: "372004f3b-1a7b-5d6e2d02b39c0"
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=9942604
x-cdn-diag: fra1-11037-1-7350-h-0-0---;11015-47-32478----0-0-0
content-length: 2706
expires: Fri, 14 Jul 2023 09:05:08 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
246 B 48ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H5PVJLCV9F&gtm=45je35v0&_p=1565645013&cid=662296802.1686034642&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686034642&sct=1&seg=0&dl=https%3A%2F%2Fsite-ma.babes.com%2Flogin&dt=Babes&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5PVJLCV9F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 06:57:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://site-ma.babes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vortex-simple-1.0.0.js Show response
hw-cdn2.trafficjunky.net/delivery/vortex/ Frame D9AE 5 KB
5 KB 73ms
17ms Script
application/javascript 205.185.208.85
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hw-cdn2.trafficjunky.net/delivery/vortex/vortex-simple-1.0.0.js
Requested by: Host: ads.trafficjunky.net
URL: https://ads.trafficjunky.net/ad7/get/10012615
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.208.85 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: vip085.ssl.hwcdn.net
Software: /
Resource Hash: 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.trafficjunky.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Tue, 06 Jun 2023 06:57:22 GMT
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
ETag: "1541168231"
X-HW: 1686034642.dop147.am5.t,1686034642.cds223.am5.shn,1686034642.dop147.am5.t,1686034642.cds143.am5.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10629682
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 5027

GET
H2 200 1065991_banner.png
ht-cdn2.trafficjunky.net/a7/creatives/23/122/816187/1065991/ Frame D9AE 439 KB
440 KB 2008ms
46ms Image
image/png 66.254.122.21
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ht-cdn2.trafficjunky.net/a7/creatives/23/122/816187/1065991/1065991_banner.png
Requested by: Host: ads.trafficjunky.net
URL: https://ads.trafficjunky.net/ad7/get/10012615
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.21 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 5948ce23a3125e4113ea70796e6f6b98e228011373677f5c51e471beadb33e3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.trafficjunky.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:24 GMT
last-modified: Thu, 04 May 2023 15:46:27 GMT
etag: "6ddd1-5fae0134d3ac0"
content-type: image/png
cache-control: max-age=10620387
x-cdn-diag: fra1-11015-2-32001-h-0-0---;11028-46-37003----0-0-0
accept-ranges: bytes
content-length: 450001
expires: Sat, 09 Sep 2023 12:40:53 GMT

GET
H/1.1 200
OK IntersectionObserver.js Show response
hw-cdn2.adtng.com/delivery/intersection_observer/ Frame D9AE 16 KB
17 KB 69ms
14ms Script
application/javascript 209.197.3.25
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
Requested by: Host: ads.trafficjunky.net
URL: https://ads.trafficjunky.net/ad7/get/10012615
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: vip0x019.map2.ssl.hwcdn.net
Software: /
Resource Hash: 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.trafficjunky.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Tue, 06 Jun 2023 06:57:22 GMT
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
ETag: "1649192094"
X-HW: 1686034642.dop257.am5.t,1686034642.cds323.am5.shn,1686034642.cds323.am5.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10606861
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 16885

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ 410 KB
164 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Ldh5TweAAAAAOV8pEwBGf2QYfVfJ3wHSUnl1QVV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://site-ma.babes.com/login
Origin: https://site-ma.babes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167800
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 16:50:57 GMT

GET
H2 200 eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiMTIyIiwic2lkIjoiMTAwMTI2MTUiLCJuaWRzIjoiNTk1ODgsNjMwMDAiLCJkeW5fZG1uIjoiIiwiY3JpZCI6IjEwNjU5OTEiLCJzdiI6IjIwMiIsInJlZl9kbW4iOiJzaXRlLW1hL... Show response
ads.trafficjunky.net/ad7/track/adviews/ Frame D9AE 0
431 B 37ms
36ms XHR
text/html 66.254.114.38
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.trafficjunky.net/ad7/track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiMTIyIiwic2lkIjoiMTAwMTI2MTUiLCJuaWRzIjoiNTk1ODgsNjMwMDAiLCJkeW5fZG1uIjoiIiwiY3JpZCI6IjEwNjU5OTEiLCJzdiI6IjIwMiIsInJlZl9kbW4iOiJzaXRlLW1hLmJhYmVzLmNvbSIsImV4dF9jaWQiOiIiLCJ0c25hbWUiOiJNQSIsImNyYyI6IjciLCJjbiI6Ijk1MFgyNTBfQ0hJQklQSE9FTklYIiwibmlkIjoiNjMwMDAiLCJleHRfcHViIjoiIiwiY3JwIjoiMTIuNSIsInRpZCI6IjQiLCJpdCI6IjA2XC9KdW5cLzIwMjM6MDY6NTc6MjIgKzAwMDAiLCJjYyI6IjEiLCJzbmNpZCI6IjEwNTE4NSIsImNpZCI6IjM4NjM1IiwiZXh0X3VpZCI6IiIsImNwIjoiMTAwIiwic25jY2lkIjoiMjE0NjIzOSIsImlpZCI6ImY5MjM2MzNmMTM5MWFlYmNmYjNlYTExNTAyOWMxZTFmIiwiZXh0X2lpZCI6IiJ9?unique_view=1
Requested by: Host: ads.trafficjunky.net
URL: https://ads.trafficjunky.net/ad7/get/10012615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.254.114.38 , United States, ASN29789 (REFLECTED, US),
Reverse DNS: reflectededge.reflected.net
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.trafficjunky.net/ad7/get/10012615
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:22 GMT
content-encoding: gzip
server: openresty
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-methods: GET
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame A67B 50 KB
28 KB 60ms
60ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ldh5TweAAAAAOV8pEwBGf2QYfVfJ3wHSUnl1QVV&co=aHR0cHM6Ly9zaXRlLW1hLmJhYmVzLmNvbTo0NDM.&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&size=invisible&cb=9osdgk16mz2a

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

54e3d524bfb92770626cfa9a6a43d47543d7b3fe2cbaf21c70f07147deb51e00

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-U2m-rYbQWMUYAAQC6ytBDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://site-ma.babes.com/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27875
content-security-policy: script-src 'report-sample' 'nonce-U2m-rYbQWMUYAAQC6ytBDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 06:57:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame A67B 55 KB
24 KB 115ms
38ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ldh5TweAAAAAOV8pEwBGf2QYfVfJ3wHSUnl1QVV&co=aHR0cHM6Ly9zaXRlLW1hLmJhYmVzLmNvbTo0NDM.&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&size=invisible&cb=9osdgk16mz2a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 13:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 13:02:11 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame A67B 410 KB
164 KB 114ms
38ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167800
x-xss-protection: 0
last-modified: Tue, 30 May 2023 00:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 16:50:57 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A67B 2 KB
2 KB 38ms
38ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 22:52:35 GMT
x-content-type-options: nosniff
age: 201887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 10 Jun 2023 22:52:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A67B 15 KB
15 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 00:54:58 GMT
x-content-type-options: nosniff
age: 280944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 00:54:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A67B 15 KB
15 KB 47ms
46ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:16:47 GMT
x-content-type-options: nosniff
age: 214835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 19:16:47 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame A67B 102 B
134 B 48ms
47ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1daa7d28de3f07e56e24af825644bef76478ce3c720de872e4e1dd5b386107c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ldh5TweAAAAAOV8pEwBGf2QYfVfJ3wHSUnl1QVV&co=aHR0cHM6Ly9zaXRlLW1hLmJhYmVzLmNvbTo0NDM.&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&size=invisible&cb=9osdgk16mz2a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 06:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 06 Jun 2023 06:57:22 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame A67B 34 KB
19 KB 91ms
91ms XHR
application/json 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ldh5TweAAAAAOV8pEwBGf2QYfVfJ3wHSUnl1QVV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f1f503bab4e6538528ce14304af99c922a94924c8fc0d5fc5ab2dfd7acc6f51b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ldh5TweAAAAAOV8pEwBGf2QYfVfJ3wHSUnl1QVV&co=aHR0cHM6Ly9zaXRlLW1hLmJhYmVzLmNvbTo0NDM.&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&size=invisible&cb=9osdgk16mz2a
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 06 Jun 2023 06:57:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19889
x-xss-protection: 1; mode=block
expires: Tue, 06 Jun 2023 06:57:23 GMT

OPTIONS
H2 204 63bdba6ee6d64c12826b8bff
events.launchdarkly.com/events/diagnostic/ Frame 0
0 320ms
105ms Preflight 54.160.170.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/63bdba6ee6d64c12826b8bff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.170.29 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-170-29.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://site-ma.babes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Tue, 06 Jun 2023 06:57:24 GMT
strict-transport-security: max-age=31536000

POST
H2 202 63bdba6ee6d64c12826b8bff Show response
events.launchdarkly.com/events/diagnostic/ 0
344 B 106ms
105ms XHR
application/json 54.160.170.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/63bdba6ee6d64c12826b8bff

Requested by

Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/ma/vendors~main.d0976050.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.170.29 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-170-29.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://site-ma.babes.com/login
X-LaunchDarkly-Wrapper: react-client-sdk/2.29.2
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.24.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Jun 2023 06:57:24 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

POST
H2 202 63bdba6ee6d64c12826b8bff Show response
events.launchdarkly.com/events/bulk/ 0
344 B 206ms
205ms XHR
application/json 54.160.170.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/63bdba6ee6d64c12826b8bff

Requested by

Host: static2-ma-ht.project1content.com
URL: https://static2-ma-ht.project1content.com/ma/vendors~main.d0976050.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.170.29 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-170-29.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-LaunchDarkly-Payload-ID: 65573330-0437-11ee-aa73-f5383de1bc6a
X-LaunchDarkly-Event-Schema: 3
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.24.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json
Referer: https://site-ma.babes.com/login
X-LaunchDarkly-Wrapper: react-client-sdk/2.29.2

Response headers

date: Tue, 06 Jun 2023 06:57:26 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 63bdba6ee6d64c12826b8bff
events.launchdarkly.com/events/bulk/ Frame 0
0 105ms
105ms Preflight 54.160.170.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/63bdba6ee6d64c12826b8bff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.170.29 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-170-29.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://site-ma.babes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Tue, 06 Jun 2023 06:57:26 GMT
strict-transport-security: max-age=31536000

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H5PVJLCV9F&gtm=45je35v0&_p=1565645013&cid=662296802.1686034642&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1686034642&sct=1&seg=0&dl=https%3A%2F%2Fsite-ma.babes.com%2Flogin&dt=Babes&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5PVJLCV9F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://site-ma.babes.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 06:57:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://site-ma.babes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 16:39:46	Name: _GRECAPTCHA Value: 09ALyjir_qHN3Ug3kVd7x-KJS_9752q0NwBVXALmbk3nfQ3ehZtTarzxHplILo7EJG6vXBhFSIIC4PdAC_ohhvZXQ
site-ma.babes.com/	1970-01-20 12:22:01	Name: instance_token Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJtaW5kZ2VlayIsImF1ZCI6Im1pbmRnZWVrIiwic3ViIjoiaW5zdGFuY2UtYXBpIiwiZXhwIjoxNjg2MTgyNDAwLCJpZCI6ODMyMjEsImJyYW5kIjoiYmFiZXMiLCJob3N0bmFtZSI6InNpdGUtbWEuYmFiZXMuY29tIn0.wVCzMu_xkvgm-9AVMNCBwnf89pvaewP_d7uM1SXvjVA
site-ma.babes.com/	1969-12-31 23:59:59	Name: __s Value: 647ED8D0-42FE72EA01BB3567-BF3F3
.babes.com/	1970-01-20 12:22:01	Name: _gid Value: GA1.2.288083810.1686034642
.babes.com/	1970-01-20 12:20:34	Name: _gat Value: 1
.babes.com/	1970-01-20 12:20:34	Name: _gat_secondTracker Value: 1
.babes.com/	1970-01-20 21:56:34	Name: _ga Value: GA1.1.662296802.1686034642
.babes.com/	1970-01-20 21:56:34	Name: _ga_H5PVJLCV9F Value: GS1.1.1686034642.1.0.1686034642.0.0.0
ads.trafficjunky.net/	1970-01-20 21:56:34	Name: adtool_guid Value: Ch5KJmR+2NK/eCbg/n8tAg==
ads.trafficjunky.net/	1969-12-31 23:59:59	Name: LBSERVERID Value: ded6742

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.trafficjunky.net
app.launchdarkly.com
clientstream.launchdarkly.com
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
ht-cdn2.trafficjunky.net
hw-cdn2.adtng.com
hw-cdn2.trafficjunky.net
imageservice-assets-ht.project1content.com
region1.google-analytics.com
site-ma.babes.com
static2-ma-ht.project1content.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
151.101.194.217
2001:4860:4802:34::178
2001:4860:4802:34::36
205.185.208.85
209.197.3.25
2a00:1450:4001:813::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9b
54.160.170.29
66.254.114.234
66.254.114.38
66.254.122.19
66.254.122.21
76.223.31.44
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1daa7d28de3f07e56e24af825644bef76478ce3c720de872e4e1dd5b386107c6
23f9712b4148fa7a67dac8492c648cf824f758078578112644b4a72c9c2ebe51
2dec7720b333c080eba609ed501d2e187ab5261144ef7bd877e13ddd52089487
37df3ffea9862dfd3a5a186619620b684120a330d55d39dc71db78425c9bc249
38a8a5e1b26f53b674cc9a19e88d428b65f1e990dbe9fcb63701373cf0e1479b
38c3608f1c53b13cd5567fecc6957d3568be15148abe43819e32bad5aa5d18f5
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e714897d02a9fea0e35acd23da1bb330469eee1efd5da2d8d0348f7fedb6e8f
3eb51c561238ea2b55257bda87675bb5f181f4dbe2f6b791f30711d18efcc217
4640eae520cdf45fc0ea3c1872487f69304283ff559962b58fe1493306697ee6
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
54e3d524bfb92770626cfa9a6a43d47543d7b3fe2cbaf21c70f07147deb51e00
579b0a01ed19e06e1a25c5beb643672ebe193dc5007de422a33ad387db253831
5948ce23a3125e4113ea70796e6f6b98e228011373677f5c51e471beadb33e3f
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
734d03ff1a92716d042bfcfa7d9788d20c6de890499a930b38b6ac7ae88fbc63
73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46
74ca8b4abf60eaa04de4c82c6b70e480c352e3df84d6eba046d1044ab3cf5d1a
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
94c1bf47a0b09ab816ed6674ee4aefe460f00f9c6faa9fcad4b66cc6a995658d
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
99da467743dd0d89d9263e13c55548e7d614712246ea59db272fa2598be3cc30
9a46d9b02d82cc0fac11f1806556da3764c9de61532c485e843d4966365ebb9c
a223914b609aaa3c2d68053df6070902531718c71746e5b6d646b89b13d7f6ed
ae30247a717b8c8394b04f1dfa63074071cf8d349084d9ca8e684f317d174ccc
ce087c55c6cfa777c2070304a44b3a756c57a31f124a9befcfe69af6bd103483
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
f1a9d44b13effa7be28e52314a1fba1eaf1dd4e4faf9ff33a6e4c98c2cf8091b
f1f503bab4e6538528ce14304af99c922a94924c8fc0d5fc5ab2dfd7acc6f51b
f39b02161661fc2362d2aeb3c914bab6ee8bd5ad3fe040da59479a6dbcb0cb58

site-ma.babes.com Open in urlscan Pro 66.254.114.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

47 %IPv6

11 Domains

18 Subdomains

17 IPs

3 Countries

2214 kBTransfer

4916 kBSize

10 Cookies

5 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

site-ma.babes.com Open in urlscan Pro
66.254.114.234 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

47 %
IPv6

11
Domains

18
Subdomains

17
IPs

3
Countries

2214 kB
Transfer

4916 kB
Size

10
Cookies

48 HTTP transactions
0 data transactions